FTC 2022 Regulatory Priorities to Include Privacy and Security


As we look to 2022, a question on many companies’ minds is what actions we will see from the FTC. Two recent developments are important on that front.

First, the FTC recently signaled its intent to initiate rulemaking on issues of privacy and security. The Commission indicated that it wants to curb lax security practices and limit privacy abuses. It is also interested in making sure that algorithmic decision-making does not result in unlawful discrimination. The FTC signaled this intent through an Advanced Notice of Proposed Rulemaking, which has a deadline of February 2022. At that time, interested parties can respond to the proposed rulemaking and provide suggestions or alternative methods for achieving the objectives. The FTC may then decide to begin its rulemaking process.

Second, the FTC recently published its annual Statement of Regulatory Priorities. This statement provided updates on a number of different priorities, including several relating to privacy and security. Topics included issues relating to the collection of information from children, health care privacy, and privacy and data security for those in the financial services space. Each are summarized below:

The Commission’s plan to take up additional privacy rulemaking in the new year is unsurprising in light of its vote earlier in the summer to streamline the rulemaking process under Section 18 of the FTC Act. Those changes included giving the FTC chair oversight authority and removing some of the public comment periods

Putting it into PracticeThese rulemaking initiatives may add further complexity in 2022, especially as companies begin to prepare for forthcoming laws in ColoradoVirginia, and updates in California.


Copyright © 2025, Sheppard Mullin Richter & Hampton LLP.
National Law Review, Volume XI, Number 356